5 users thanked author for this post.

Encouraged by comments from a fellow Panda AV user on one of the earlier threads about the April 2019 updates, after making system partition backups for W7 Home Premium and W8.1 Pro (dual-booting) for both 32 bit and 64 bit PCs I took the plunge and updated with the Security Only (SO) and IE updates from the Windows Catalog.

For W7 I have Panda AV running in parallel with Malwarebytes Antimalware Premium and everything looks OK after the updates. As noted in the earlier thread there was a 2nd reboot for the SO update (at the login window after the 1st reboot).

For W8.1 I only have Panda AV and again everything looks OK. The occasional Windows Explorer problem which re-appears every few months with a windows update did not re-appear this month. There was only 1 reboot with the SO update. The IE updating did take a long time to get started (delayed at the “searching for updates …” stage), but completed eventually.

BTW: I had been a satisfied Avira user for many years until a couple of years ago when I found it was then making my old PCs very slow. I tried rebuilding the PC s/w again from scratch, but it was still slow. I was also annoyed by their “Launcher/Connect” adware thing which they kept forcibly installing although I tried to uninstall it – malware behaviour itself.

HTH. Garbo.

1 user thanked author for this post.

If this is only affecting some makers’ security software then maybe it’s safer to wait and see but I have applied the patches to my HP probook(Windows 7 Pro laptop) and I have always used the security only patches since MS started its cumulative/all in one style patching in Oct 2016.

I’m running Norton Security Suite(ISP’s version provided to customers as part of service) and have had no issues after the updates where installed. I’ll wait longer for my other laptops to apply the updates but I have not read about any other non Security Software related issues with MS’s April 2019 patches on windows 7.

Maybe Microsoft and the Security Software Folks need to get on the same page regarding security patches and testing for any Security Software issues with any MS OS/API or application patching. The Security Software folks make use of many OS Kernel/API hooks and maybe they should have some representatives that are stationed at MS’s patching division headquarters(if there still is a Patching and/or Q/A and Q/C headquarters) to see that their respective Security Suites have no issues.

Making use of any Undocumented OS/Kernel/API hooks appears to be an ongoing issue with Security Software so maybe that process needs to change in the future. But Microsoft needs to make sure that it maitains some Proper and Well Documented/Well Maintained OS/Kernel/API hooks for the third party security software providors to access and properly protect the consumer’s PCs/Laptops that make use of MS’s various OS/API ecosystems.

There are those who blame the AVs for the problems that occurred. And I have to say that the use of illegal APIs and hooks into the kernel should not be excused.

But we are talking about several major AVs here, on millions of PCs everywhere. Microsoft does not give the AV manufacturers access to Windows patches ahead of time. So they have no way to test what is coming.

But Microsoft most certainly has access to the major AVs programs. All the time. And they have the ability to block them from the updates. In fact, they did so after the fact. It wasn’t only consumers that were effected as many businesses felt the impact as well.

There is no excuse for Microsoft allowing a major problem like this to occur – unless they are just plain negligent or just don’t care about their customers (or maybe both).

10 users thanked author for this post.

There are those who blame the AVs for the problems that occurred. And I have to say that the use of illegal APIs and hooks into the kernel should not be excused. But we are talking about several major AVs here, on millions of PCs everywhere. Microsoft does not give the AV manufacturers access to Windows patches ahead of time. So they have no way to test what is coming. But Microsoft most certainly has access to the major AVs programs. All the time. And they have the ability to block them from the updates. In fact, they did so after the fact. It wasn’t only consumers that were effected as many businesses felt the impact as well. There is no excuse for Microsoft allowing a major problem like this to occur – unless they are just plain negligent or just don’t care about their customers (or maybe both).

Is it Microsoft’s job to look for compatibility issues for all software or just AV products? Adobe refused to support Lightroom on Windows 8.1 after a dll fix on a Microsoft update caused issues. I was forced to update to Windows 10 because that’s what Adobe supports these days. I’m sympathetic to users who ran into problems with the patches but I’m not sure that Microsoft is wholly to blame here.

The Previews contain only the non-security updates for the upcoming Rollup. Since this problem also affected the upcoming Security-only updates (upcoming security patches are not included in the Previews), the use of the Previews would not have shown the problems. The AVs did not have access to the patches ahead of time.

1 user thanked author for this post.

PKCano, MS ultimately is responsible for their updates not major or minor AV vendors. The AV vendors may be partially at fault but the companies we are talking about are long time, well known vendors. I would expect there to be some sort of relationship between the major vendors and MS to avoid these issues.

But one has to take this latest mess in context with other update fiascoes from MS. The regularity of the problems seems to point to internal problems at MS as the root cause. You have to ask what is the common denominator over the last couple of years of nasty surprises from the updates. Not all the problems had anything to do with AV software but all had in common MS. From my vantage point I cannot pin down the root cause. But the apparent lack of effort to solve the problem is even more troubling.

So to your question, I would say it is more indifference caused by changing internal focus away from the desktop to cloud and more purely enterprise software. Couple this with a complete misunderstanding of the OS market and user needs and you get a recipe for an ongoing, slow motion disaster. For those caught up in it, it will be painful at best to suffer through it.

I personally just have a problem with any features breaking during extended support. One of the main reasons to stick with extended support versions is to avoid the churn that happens with the constant updates.

The reason I’m on Windows 7 is to avoid the problems they have with a constantly changing codebase that needs semiannual replacements just to function. I would have been on Windows 10 if they had just had incremental updates the whole time that did not constantly have issues. They could have done less work and had more uptake.

According to the Computerworld article: ” Microsoft says that it’s still blocking the six bad actors from installing on computers with Sophos Endpoint installed. There’s no similar advice for Avast. ”

I’ve only heard of four “bad actors”. Now there are six? But altogether seven, when Avast was still one of them (if that is what the quote means)? Which ones are they now? Just curious. Not in any need or hurry to install this month’s Security Only patch.

1 user thanked author for this post.

and remember that article by Avira titled “Why does my system run very slow”? Avira seems to have recently pulled that KB article as it now produces a 404 not found error message.

The article has been deleted – now only am empty site with ‘was this article helpful’ is displayed. But I received a comment from an AVIRA user to an article I wrote yesterday about the topic in German news site Heise. The reader claims, that his issues are gonce since hours, although Avira and the update are still installed in Windows 7. He suppose a ‘secret Avira update’ – and another user confirmed that. I’ve compiled more details within my blog post Windows patchday issues–one week later (April 17, 2019)

4 users thanked author for this post.

I think it’s the responsibility of the anti-virus companies to test their products when there are Windows updates- or perhaps they don’t really want to support Windows 7 anymore. I have Norton and installed all of this months updates with no problems.

The question wasn’t whether I would want the AVs to have access or not.

The question was who COULD have tested ahead of time to recognize/prevent the problem that was caused. My contention is, that Microsoft COULD have realized the outcome (and who knows, they may have) and prevented the havoc, but the AVs could not.

2 users thanked author for this post.

Yesterday troubleshooting ‘update other Microsoft products’, I must have inadvertently left my update setting on automatic.

On return to my PC this morning after breakfast, switching on the screen and pressing a key to wake it resulted startup and the warning of a BSOD shut-down. I went straight to update to find KB4493472 had been installed. Needless to say, it was immediately uninstalled.

I don’t use Kerberos ticket. I don’t use Sophos, Avira, ArcaBit or Avast. I use Kaspersky.

On a possibly related note, Balarc Advisor, says the computer needs kb4493448 and does not list KB4493472 (I ran Belarc before hiding the bad update).

To work around, I plan to go back to fully manual update on this machine (Windows 10 machines are all OK).

The level of ‘advice’ I can give at this stage is “kb4493448 remains hidden until Microsoft casually drops it in the update list again AND they have nothing adverse is included in the release notes”. Even then there will be no attempt to install until a few weeks after release.

KB4493472 was back today. I double-checked. “Yes, still hidden”. Cat-like curiosity eventually got the better of me and I installed it “just to test it”. No BSOD. So far, so good.

Meanwhile Belarc tells me IE and Office update are still not revealing themselves in Windows update. They can bid their time and be installed manually. Meanwhile, no Windows update icon in the notification area is a pleasant change.

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.

We are at DEFCON-2 (to see a description of the DEFCON system, click on the button in the top gray menubar).
The answer to your question, in a word: NO.
On the page you linked, these are the known issues. The one with McAfee just showed up yesterday.

Attachments:

1 user thanked author for this post.

Haven’t posted in awhile, is it just my imagination, or has the tone here deteriorated a bit?

Just stopped by to observe that a cynical interpretation of M$’s cascading update catastrophes would call them part of a deliberate strategy to fatally wound Win7 & 8.1 to the point they become unusable, and the holdouts (like me & my Win7) have no choice left but to move to Win10. I haven’t signed on to that opinion yet, but I am inching ever closer. My decision to jump from Group B to Group W as of Dec 2017 is looking better with every passing month – and no, I have experienced NO adverse incidents as a result.

I had been thinking, though, that it might be a good idea to consult Woody (and The Lounge) for ideas about a possible exit strategy when Win7 support ends:

can we expect final, clean updates for all functions of Win7 on Jan 15, 2020?

if so, should I consider updating my OS accordingly at that time?

or am I better off just staying put?

I had been leaning toward #2, but now I’m not sure, now the adage “if it ain’t broke, don’t fix it” has a certain appeal. Woody, I hope you plan to address this matter in future columns, and I’m sure I’m not alone.

In the meantime, Woody, I got ambushed on my way here today, from a COMPLETELY unexpected quarter: when I clicked on the AskWoody link at the bottom of your column (and got the same result with my own archived link) it threw a Wordfence/Wordpress block on access! I have no idea what those are, so the solutions offered were nonsensical!

After I wasted time restarting FF with add-ons disabled, then turned off Zone Alarm Free FW, I finally found the culprit: the block was triggered by the alias IP I was connected to on NordVPN!
<p style=”text-align: center;”></p>
When I changed from the “bad” IP (in Denver) to a different IP (in Seattle) the problem disappeared.

This Brave New Digital World stinks! You don’t have to go LOOKING for trouble, it finds YOU, even if you are just minding your own business! I can still troubleshoot my way to a solution (barely!) but I wonder how much longer that will be true? Unlike some of you, I’m not getting any younger! 🙂

1 user thanked author for this post.

Thanks PK, that AskWoody link was helpful. I already use WhatIsMyIPAddress, but I had not dug down to the blacklist check before. Sure enough, that bad Denver IP had three hits on it, one of which must have been fatal, but the Seattle one I am using currently has one too (that hit appears on both) but apparently that one is not fatal with respect to AskWoody.

In a different matter (as I said, I haven’t posted in awhile) why don’t I get a nifty gold medal badge? The patrons roster (which I can no longer find) listed me twice, once by my moniker (which I prefer) and once by my real name (which someone apparently took off my donation check). I surmise those donations have “aged out”?

As someone who also joined Group W since December 2017 (to avoid the Specter/Meltdown patches) I’m facing the same future/decisions as you are.

I think the change of tone is less a deterioration, than integration of the Windows Secrets folks. Group B/W choices are alien to them, as well as the discussions we had that led to those choices. There have always been those who have had strong opinions… (yes, I’m looking in a mirror and see one opinionated grandma!), and the Windows Secrets folks aren’t any different.

The challenge is to be able to express diverse opinions without disrespecting each other, explaining options, and encouraging and supporting others to make their own educated decisions, even as Microsoft has been discouraging and limiting and engaging in marketing babble speak, to push everyone to do it their way.

Those of us, especially those that are technically challenged (like me), who are rejecting the privacy invasions on personal ethics and moral grounds, can be at a disadvantage on a tech site. However, it is just as important that large corporations act in ethical ways. Evaluating the usefulness of their products regarding personal end users’ needs is as valid, if not more so, than how well the code and features work (especially when they are deliberately masking and minimizing the impact of data harvesting). Too many techies get caught up in the marketing speak, and believe it is for their own good, and the good of everyone else, and accept turning customers into products, rather than really exploring the social and ethical implications. Actually, too many people get caught up in the specific language of their various fields and tend to ignore how they integrate or interact with others… which does lead to the feelings and needs of non-technical users being dismissed and ignored here as well. It isn’t as if the lack of privacy isn’t going to affect technical users, but their focus doesn’t tend to be on themselves and community as much as the hardware and software specifics. There are some enlightened folk who do not dismiss the right and need for privacy, and seek to use technology to inform others of their choices, or develop ways to allow such choices… but too often, you hear the voices of those who still believe that greater privacy invasion is somehow more secure… and that Microsoft actually could not develop its AI while respecting our privacy… and that is much more important that Microsoft’s goals be supported, and that sacrificing home users is of little to no significance in service of those goals…

There are cultural differences, everywhere we look in the world. For me, it will never be acceptable to use others irrespective of their own needs… that is predatory and self-serving. Because of recognizing that Microsoft is intentionally doing so, Microsoft, as a business, is not one I will support further. However, there are a lot of good things worth salvaging… and fairly few people are willing to call Microsoft on the carpet for saying they give end users a choice, but fail to provide an off button to telemetry. Microsoft is hoping that people will be satisfied by the features, and not notice the reaping of their information. They cover themselves legally… but we still have choices. My choice is not to go further down their W10 service instead of an operating system road.

Woody has set up a Windows 7 Group A machine, specifically for testing and seeing how Microsoft treats the end users unwilling to upgrade. But it is @Canadian Tech who led the way to setting up our Windows 7 without telemetry, and providing tech support so that others could do the same. I haven’t heard of anyone who followed his advice to have had any loss of usefulness of their computers, or being subject to malware problems… and all of us have avoided the continuing drama and stress of Microsoft updating.

At the same time, the DEFCON system is exceedingly useful for those who make different decisions under the same circumstances, allowing them to minimize the adverse impact of having been relegated to beta testing patches. It is as important to respect their decisions, as it is for them to respect ours.

Can’t help but savor the stability, reliability, and usefulness of the choice I’ve made, and sometimes feel gleeful when the bug reports are flooding in… but I know I’ll have to continue to make choices in the future… and it is important to have accurate reports on W10’s performance and features to guide my decision making.

Don’t feel lost in the big splash that ‘merging the whale’ floods us with… stepping up and posting will help inform others of their ability to make other choices… and reports of the stability and lack of problems will stand in stark contrast to the bugs, BSOD, and lack of choice that W10 users are constantly faced with.

Every month I try to understand, not just note, the bugs that come up, for all the operating systems. I look for patterns, for root causes, for usefulness, for what is spoken of and what is ignored. The more that technology is being integrated into our daily lives, the more important our choices become.

It surely puzzles me, though, that a company like Microsoft would choose to abuse end users, people who have invested in their products, and rationalize how it is okay. That, alone, is a symptom of how far off track they are.

It further puzzles me, that even though people have struggled for rights and freedom throughout the world for centuries, and been willing to sacrifice their lives to such end, that so many people would ignore the violations of hard won rights, just to be able to use the latest tech… and pay for the privilege.

Northwest: ” is it just my imagination, or has the tone here deteriorated a bit? ”

I have not noticed that; perhaps you are referring to the tone of comments on Windows 10 and where MS seems to be going now? That may be just Windows 10 and repeated bad patches’ fatigue. But some here are also of the opinion that things are not nearly as bad as most people here, and elsewhere, are saying.

And strategies people that either want to stay with Windows 7 after its EULA, or at least not to progress to Windows 10, are promising to adopt or are already adopting, include: for some, staying put, for others (myself included) to prepare to migrate to, or even having mostly migrated already to, other operating systems. Most popular among those: Linux Mint and Ubuntu (for their user friendliness), and macOS for the same reason. But another reason, for some, to use macOS is its command line, that allows the use of the full set of Linux commands, or slightly different versions of the same, which is of particular appeal to people like myself because of the work I do.

I already have installed Linux Mint in dual-boot with Windows 7, and have a Mac, so with that I have access to macOS as well.

There many useful threads on installing Linux and also on macOS, in “Linux for Windows Wonks” and “macOS for Windows Wonks” here, at Woody’s. Their links are towards the middle of the brown right bar =>

The tone hasn’t deteriorated, but it has shifted. Up until last year the emphasis was on “OMG what did Microsoft break now – and how do I fix it?” Starting with our whale swallowing — adding 120,000 new users, a million posts, we’re shifting to more of a “tech help” site.

That’s made possible by dozens of really capable gurus who have migrated here from Windows Secrets.

Win7 exit strategies are a stock in trade (and they’re more in the nature of “tech help” rather than “what did MS break now”). Take a look at my ongoing Seven Semper Fi series. There’s no one-size-fits-all answer to your three questions, but Win7 will still have a lot of life left in it after Jan 2020, particularly if you’re careful, move to a different antivirus package, and use a real browser.

Sorry about the Wordfence block, but as we’re getting bigger, we’re seeing more attacks on the site. In the past, we’ve kind of taken the hit and brought the site back as quickly as we could. Now we’re being more proactive. Still, we’re getting more than a hundred new spam-linked accounts every day, and we’re seeing more and more forced malware injection attempts. Wordfence has been invaluable.

Anyway, good to see you again. Keep us posted on your adventures on the Group W bench, and chime in with advice for those who want to stick with the Big 7. Also, don’t be afraid to recommend other operating systems — we’re branching out beyond Windows (and for obvious reasons). Win7 coupled with a Chromebook or even a phone may be the best alternative for a post-Jan 2020 setup.

1 user thanked author for this post.

My view varies to yours.
– Too many seem to be bashing Microsoft to fit it.
– We don’t need Microsoft getting away with evil deeds but we do need to hold back until there is sufficient evidence what they are doing. For example the idea that Microsoft is deliberately breaking Windows 7 to get people onto Windows 10 is ludicrous.

The example doesn’t absolve Microsoft for their updates breaking systems. It simply recognises we should not be stating without evidence the breaks are deliberate. Be angry about the bad deed, not about imagined intent.

2 users thanked author for this post.

My view varies to yours.
– Too many seem to be bashing Microsoft to fit it.
– We don’t need Microsoft getting away with evil deeds but we do need to hold back until there is sufficient evidence what they are doing. For example the idea that Microsoft is deliberately breaking Windows 7 to get people onto Windows 10 is ludicrous.

The example doesn’t absolve Microsoft for their updates breaking systems. It simply recognises we should not be stating without evidence the breaks are deliberate. Be angry about the bad deed, not about imagined intent.

You mean to tell that Microsoft wasn’t aware that April API/kernel changes will break AV software, yet went ahead with the updates ?
I don’t believe it for a second.
Will Microsoft pay for the damages to hundreds of million PCs/Servers that were hit ? No chance.

The DEFCON System refers to PATCHING, not a specific version of Windows. It applies to ALL versions of Windows. (And you should make it a habit for any version of software too, unless you like being a Guinea Pig or cannon fodder)

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.